Coming Tomorrow:

The Daily's Response to CNBC's ORC Segment
Postponed until tomorrow due to ongoing research

'America's biggest companies say retail crime is an epidemic, but just how big of a problem is it?'

- CNBC journalist claims the "available data is unreliable" - Questioning the numbers, creditability, retailers and trade groups

- Walgreens CFO Walks Back His Earlier Comments during Jan 6th investors call - after Oct. 15, 2021 article 'Walgreens store closures cause uproar in San Francisco'

- The Cato Institute SVP Legal Studies - Claims it's "blown out of proportion" and is all about 'getting more eyes on their content' (click bait) & 'getting more funding'


ORC Message from ICSC President & CEO, Tom McGee
International Council of Shopping Centers Supporting the ORC Legislative
Effort and More
Last month, I shared that I would be updating you on a more regular basis on important issues impacting the industry and organized retail crime (ORC) is one that is top of mind for many of us today. We are alarmed by the rise in ORC and the toll it is taking on employees, businesses and consumers across the Marketplaces Industry.

It is estimated that in 2021, losses from ORC totaled nearly $100 billion. On top of this, ORC often involves physical assault of employees, and increasingly involves strong arm tactics including firearms. ORC harms communities and retail centers and threatens the safety of consumers and retail workers across our entire country.

ICSC is a leader among the coalition of groups who support the recently enacted INFORM Consumers Act and the recently introduced Combating Organized Retail Crime Act of 2023. This new bipartisan legislation would increase the penalties for those convicted of organized retail crime and strengthen the ability of prosecutors and investigators to bring cases against retail theft crime rings. The measure was introduced by Senators Chuck Grassley (R‑Iowa) and Catherine Cortez Masto (D‑Nevada), along with Representatives Ken Buck (R‑Colorado), Dina Titus (D‑Nevada), Susie Lee (D‑Nevada) and David Joyce (R‑Ohio).

To bring further awareness to this issue, ICSC partnered with the Loss Prevention Research Council within the University of Florida INNOVATE Hub to host the first‑ever Organized Retail Crime Summit in Gainesville, Florida earlier this month. Sen. Grassley spoke about the serious impact ORC has on businesses and communities and the need for legislation to limit organized crime. Marketplace developers, retailers, law enforcement and academia were in attendance, including leaders from the Retail Industry Leaders Association, the National Retail Federation, the University of Florida's Loss Prevention Research Council and the FBI.

Participants in the Summit had a chance to learn about the scope and severity of ORC, emerging anti‑theft technologies and tactics, and share best practices. The audience also was encouraged to engage their elected officials to share stories of how organized retail crime has affected their businesses and communities.

ICSC is committed to putting a stop to ORC. In addition to actively supporting legislative measures at the federal and state levels, we will continue to offer our members opportunities to discuss, learn and collaborate on solutions to protect our industry and our communities.  icsc.com

Another AG Cracks Down on ORC
Kansas AG seeks authority to take on prosecution of organized retail crime

Merchants seek jurisdictional reform to battle criminals moving county to county

Home Depot executive Celinda Gonzalez wants Kansas to enact a law granting the state attorney general authority to pursue organized criminals making retail stores the hub of large-scale theft rings.

She said Kansas needed to approve Senate Bill 442, which would provide Attorney General Kris Kobach with the power to prosecute cases of multi-county theft of retail merchandise for resale on the black market.

She said these criminal organizations often would travel across multiple counties in a coordinated effort. Adding a layer of prosecutorial authority to the attorney general's office would close a jurisdictional loophole in state law that helped the criminal groups to flourish.

Under Senate Bill 244, the attorney general would have concurrent authority with a county or district attorney to prosecute any crime part of an alleged course of criminal conduct occurring in two or more counties. Current Kansas law limited the attorney general to prosecuting cases in which the offender was an officer or employee of a city or county.

Attorney General Kris Kobach appealed Monday to the House Judiciary Committee to echo the Kansas Senate, which passed the bill 35-3. He said the multi-jurisdictional nature of these crimes hampered the ability of law enforcement to properly charge and penalize people for retail theft.

"Unlike shoplifting where an individual steals for personal use, organized retail crime often involves a criminal enterprise with multiple people stealing multiple items from multiple stores in multiple jurisdictions and then selling the stolen good," Kobach said. "Many retailers now forgo attempting to stop thieves in the act, fearing violence in their stores that could hurt customers and their employees."  kansasreflector.com


Progressive AG Faces Backlash As Retail Crime Surges
Nevada's Dem AG Helped Make It Harder To Jail Thieves. Now, He Says Retail Theft Is Out of Control.

Democrat Aaron Ford testified in favor of bill raising felony retail theft threshold from $650 to $1,200

Nevada attorney general Aaron Ford says the state's rising retail theft rates must be curbed. He should know-in 2019, the Democrat testified in support of a law that made it harder for prosecutors to jail retail thieves.

Ford on March 2 presented a bill that would allow his office to "investigate and prosecute organized retail theft crimes." The measure, Ford said, is "necessary" given the rise in retail theft crimes seen in Nevada-last year, for example, the state saw a 15 percent increase in property crimes and a staggering 39 percent increase in drug-store thefts on the Las Vegas Strip. While Ford used the bill as proof he's mounting a proactive push to reverse that trend, critics say he's to blame for the problem in the first place.

That's because Ford in 2019 emerged as a vocal supporter of Assembly Bill 236, a Democrat-led measure that overhauled Nevada's criminal justice system. Included in the bill-which Ford said his office was "intimately involved in"-was a provision that raised the threshold for felony theft from $650 worth of stolen goods to $1,200. As a result, a criminal who steals $1,000 worth of goods, for example, can no longer be charged with a category D felony, which carries a standard sentence of at least a year in jail. Instead, that criminal is now charged with misdemeanor larceny, a charge prosecutors often agree to dismiss if the thief pays a fine and attends an online training program.

Better Nevada PAC, a political group associated with the state's Republican governor, Joe Lombardo, accused Ford of "desperately trying to cover up his pro-criminal agenda."

"He's spent his entire political career decriminalizing serious crimes and trying the hands of law enforcement," spokesman John Burke said. "He simply can't hide from the truth." freebeacon.com


Simon's 'Nationwide Operational Intelligence Center'
Opening the door to internal security efforts following mall shootings

Simon opens door to mall security operations
Stung by recent coverage of the most recent Castleton Square Mall shooting and reflecting a change in corporate philosophy regarding disclosure of its internal security efforts, Simon Property Group afforded FOX59 News a rare behind-the-scenes look at its nationwide Operational Intelligence Center in Indianapolis that keeps a watchful eye on shoppers from coast-to-coast.

The Indianapolis-based property management group operates more than 200 shopping malls in North America.

John Rulli, Chief Administrative Officer for the Simon Group said, "We've generally kept things quiet because we didn't want people to know our security programming. We didn't want the bad guy to understand the capabilities that we had and the fact that we see them, we watch them, we catch them, but we've decided to change that philosophy and let our community know that we're out ahead of it, what we need to do to win and will continue to invest and extend additional technologies until we get to the point where people feel really comfortable that the bad guy stops coming to do bad things on any of our properties."

Behind closed doors at Castleton Square are three command centers where Simon security operatives watch surveillance cameras and monitor data from properties across the United States, the unseen eyes and ears on mall safety augmented by frontline security.

"Within a particular property, we may have 10, 15 security guards, 5, 6, 7 police officers, smart cameras watching the property with OIC operatives and then yet there, 30, 40, 50 , 60 loss prevention people with the retailers that are also engaged in some sort of security," said Rulli. "We are always prepared for what could happen on our properties. We have all the different programming in place to protect our people and if a bad guy shows up, we're gonna see him."

Indianapolis is Simon's home base and Castleton Square is the nerve center of its national security operation. fox59.com


NYPD Headquarters & Other NYC Targets Hit with Bomb Threats
Unfounded bomb threats called in against Manhattan DA, courts, NYPD HQ, as potential Trump indictment looms
Unfounded bomb threats were made against the Manhattan district attorney's office, nearby court buildings and NYPD Headquarters Tuesday - as New York ratchets up security in preparation for former President Trump's possible indictment, the Daily News has learned.

As barricades were set up outside high-profile buildings in lower Manhattan someone called 911 to say that a bomb had been placed at Manhattan Criminal Court, a law enforcement source said.

Additional calls claimed bombs had been placed at NYPD Headquarters as well as Manhattan DA Alvin Bragg's office. All the threats were investigated and quickly determined to be unfounded.

The caller claimed that the bombs were placed in cars either parked inside or outside the buildings, a source said.

A hearing at Manhattan Supreme Court in the New York attorney general's lawsuit against Trump was briefly delayed as a result, with court officials citing a "security risk."

Over the weekend, the 76-year-old former commander-in-chief set off a firestorm by claiming he would be arrested Tuesday and calling on supporters to protest any indictment.

Mayor Adams and NYPD Commissioner Keechant Sewell are outlining security precautions ahead of the decision and have already erected barricades outside Manhattan Criminal Court as well as Trump Tower.

Manhattan Borough President Mark Levine denounced the bomb threats Tuesday, claiming that the Manhattan DA "will not be intimidated by threats directed at him or his office." nydailynews.com


How to ID Active & Mass Shooters Ahead of Time
Study finds mass shooters have distinct patterns of buying guns
The increase in gun violence in the United States has put pressure on law enforcement and others to find ways to reduce it. In 2022, there were 647 mass shootings, up from 383 in 2016. There has also been a three-fold increase in active shooter events between 2000 and 2016. These are defined as "one or more individuals actively engaged in killing or attempting to kill people in a populated area."

A first-of-its-kind study examining records of gun purchases in California found that mass and active shooters have distinct patterns of buying guns compared to other legal purchasers. The UC Davis Violence Prevention Research Program (VPRP) research was published in the Journal of Criminal Justice.

Results

Compared to other legal gun purchasers, mass and active shooters who perpetrated an attack between 1996 and 2018 and had a history of authorized purchasing:

• purchased more handguns in the year before the attack
• purchased their first gun at an older age
• were more likely to have a history of purchase denials

Analyses of individuals from California who perpetrated a mass or active shooting between 1985 and 2018 found that firearms acquired closer to the date of the attack were more likely to be:

• long guns
• used during the attack
• purchased out-of-state
• acquired in an unauthorized manner phys.org


Which Los Angeles neighborhoods are safest? See the latest trends in LA crime rates

New Tucson crime numbers show decrease in violent crime & property crime

Court Allows Workers to Avoid Arbitration for Claims Brought With Sexual Harassment Case
New York federal judge recently shook up the employment law world when he ruled that a new federal law preventing employers from requiring arbitration in sexual harassment claims also blocked arbitration for other claims brought alongside in the same case.

Last year's Ending Forced Arbitration of Sexual Assault and Sexual Harassment Act (EFAA) prohibits employers from unilaterally enforcing arbitration agreements for disputes involving sexual harassment or sexual assault. But few believed that the law would be interpreted so broadly as to also sweep up non-sexual harassment claims that happened to be brought in the same legal action.

The EFAA amended the Federal Arbitration Act (FAA) and was signed into law on March 3, 2022, by President Joe Biden. It amended federal law by ending forced arbitration of sexual harassment and sexual assault disputes. shrm.org


Good News for the Industry

With Little Retail Development Since 2008's Financial Crisis & Rise in Online Shopping - Vacancy Rates At Historic Lows
Meaning, there's lots of historical crime data available for planning purposes

Record Lows: Retail Space Vacancy Rate Fell to 4.9% Dec. 2022 - Lowest Level Since 2005

Store space is incredibly scarce at the moment, and that's an ongoing trend:

Bed Bath & Beyond - Circuit City - Toys R Us - Sports Authority - Sears - Kmart - Biggest source of new store locations comes from other retailers closing stores.

In fact, despite high inflation and a pullback in retail sales, physical store openings exceeded closings last year for the first time since 2016.

And so far store opening announcements have outpaced store closures this year, the firm says, with perennial growth retailers Dollar General, Family Dollar, Dollar Tree and Five Below at the top. Discount gym Planet Fitness is opening about 200 new gyms a year.

TJX, Burlington, Ross, Nordstrom Rack, Container Store, and Home Goods are looking at the 400 former Bed Bath & Beyond spaces. Taking 18 to 24 months for the new retailer to open after signing.

Bed Bath & Beyond may lead to more vacancies. Meanwhile, Tuesday Morning, will close more than 250 stores this year.

"With not a lot of new development going on, everyone's growth will come from second-generation space," cnn.com


No 'Retail Apocalypse' - Just a Shakeup
More than 1,400 stores are closing across the US in 2023

More than a dozen retailers have said they will close at least 1,405 US stores in 2023.

It's not exactly the retail apocalypse of prior years, but it's a shakeup nonetheless. An Insider tally of announcements by major retailers in 2023 finds at least 1,405 stores set to close across the US.

The rationales are varied: some companies are navigating bankruptcy proceedings, while others say they are aiming to cut costs. Several are adjusting store formats to meet changing shopping trends.

The full list of closures:

New Starbucks CEO Hit with Massive Strike
Starbucks union to greet new CEO Narasimhan with 100-cafe strike
nionized Starbucks Corp. baristas plan to welcome their new chief executive officer with strikes at about 100 cafes Wednesday, demanding that the company drop its alleged anti-union coercion.

Striking baristas from Oregon and Washington state plan to converge for a midday protest outside Starbucks headquarters in Seattle.

The work stoppage, which organizers said will involve stores in more than 40 US cities, is the union Starbucks Workers United's latest effort to force a pivot by the coffee giant. Since scoring an initial landmark victory 15 months ago in Buffalo, New York, the union has prevailed in elections at around 290 of the company's roughly 9,000 corporate-owned US cafes. But the pace of new unionization petitions has slowed down, as workers allege the company has been retaliating in stores and stonewalling them at the bargaining table.

Starbucks said earlier this week that it offers industry-leading benefits and that it respects employees' right to organize and protest, but believes having a direct relationship with staff is core to its culture. seattletimes.com


Two Restaurants Testing out Amazon Palm-Scanning Tech
Panera Bread tests Amazon's palm-scanning technology in St. Louis
Panera Bread is piloting Amazon's palm-scanning technology in St. Louis to offer customers a faster way to connect to their loyalty program and pay.

The bakery-cafe chain, which has long been considered a leader in restaurant technology, is the latest restaurant to use what the tech giant has dubbed Amazon One. It's already been implemented in dozens of Amazon-owned Whole Foods locations, Amazon Go stores and some stadiums and arenas. cnbc.com


TJ Maxx, HomeGoods and Ross scooping up vacant Bed Bath & Beyond stores

Foot Locker details store closing - and opening - plans


Quarterly Results

Nike Q4 Nike Direct up 7%, Nike Brand down 1%, Converse down 1%, Wholesale down 7%, sales down 1%
Nike FY Direct up 14%, Nike digital up 18%, Nike-owned stores up 10%, Converse up 6%, sales up 5%

Game Stop Q4 net sales down 1.2%, FY net sales down 1.4%

Citi Trends Q4 comp's down 14.4%, total sales down 13.1%, FY total sales down 19.8%

"Deepfake-as-a-Service" is on the Horizon

Watch Morgan Freeman's Deepfake
Defeating the Deepfake Danger & What About 'Quickfakes'
Deepfakes are becoming increasingly popular with cybercriminals, and as these technologies become even easier to use, organizations must become even more vigilant.

As deepfakes quickly advance in terms of sophistication, they can be scarily convincing, as we've seen in some examples. And what's more, they're becoming increasingly popular with cybercriminals, as these technologies become even easier to use. The introduction of VALL-E, for instance, has raised new concerns about the ability to make deepfake voices quick and easy - in other words, quickfakes.

As these technologies become more accessible and easier use, it's likely to open new opportunities for bad actors with limited resources and technical chops to use them for new forms of cyber-attack and fraud.

The next generation of attacks - weaponizing AI

Deepfakes are part of the ongoing trend of weaponized AI. They're extremely effective in the context of social engineering because they use AI to mimic human communications so well. With tools like these, malicious actors can easily hoodwink people into giving them credentials or other sensitive information, or even transfer money for instant financial gain.

Deepfakes represent the next generation of fraud, by enabling bad actors to impersonate people more accurately and thus trick employees, friends, customers, etc., into doing things like turning over sensitive credentials or wiring money.

Watch Morgan Freeman - Or is it Morgan Freeman? (video to the right)

Bad actors used deepfake voice technology to defraud a company by using AI to mimic the voice of a CEO to persuade an employee to transfer nearly $250,000 to a Hungarian supplier. Earlier this year, the FBI also warned of an uptick in the use of deepfakes and stolen PII to apply for remote work jobs - especially for positions with access to a lot of sensitive customer data.

Turnkey, subscription-based "deepfake-as-a-service" is on the horizon, enabling cybercriminals of all skill levels to launch more sophisticated attacks without first devoting time and resources to creating a custom attack strategy. Cybercriminals could then employ deepfakes in an infinite number of ways, and as these technologies become more widely accessible in the future, the threat will only increase.

There are some security technologies that organizations can deploy, and they will help to a degree. But as with most security issues, humans are often the first and best line of defense. At the risk of sounding like a broken record, it always comes down to cyber hygiene and training. Employees must receive training so they can spot these dangerous deepfakes and spare their organizations the loss of money and reputation. In addition, keep in mind that identity verification remains important. Just like phishing emails, picking up the phone and calling someone after an instruction to do something possibly questionable goes a long way. securityweek.com


Threat Actors Harassing CEO's Wives & Customers Directly & Company's Are Rethinking About Paying Up
As companies stop paying & law enforcement heats up, the gangs will too!

Ransomware gangs incite fear in victims to fuel attacks

Attacks involving data theft nearly doubled and harassment spiked 20 times by late 2022, Palo Alto Networks Unit 42 said.

Ransomware threat actors are ramping up the pressure against their targets with an array of extortion tactics designed to coerce victims into paying, according to Palo Alto Networks research released Tuesday.

A steady and significant shift from encrypting everything quickly to multiple extortion tactics is making response and recovery more stressful for the organizations hit by these attacks, said Michael Sikorski, CTO and VP of threat intelligence at Unit 42, the security vendor's research and incident response outfit.

Encryption, long the primary extortion tactic of ransomware, was skipped altogether in about 1 in 10 ransomware incidents Unit 42 responded to in the second half of 2021 and most of 2022.

Ransomware attacks involving data theft jumped from 40% in mid 2021 to 70% by late 2022, Unit 42 found. Harassment spiked 20 times in ransomware cases during the same period, with threat actors resorting to the tactic in 1 in 5 cases.

Threat actors go low with harassment ploys

"We've seen this harassment just explode," Sikorski said. "We had an investigation with the CEO's wife getting text messages and harassment from the threat actor ... it's stooping to that level."

Other examples shared by Sikorski convey the extent to which threat actors will go to get paid and wreak havoc in the process.

In another case, an organization's CIO told Unit 42 the company didn't realize how bad the harassment would be after it refused to pay the ransom demand and recovered from backups.

The threat actor was harassing the organization's customers so badly it made it look like the damage was being caused by the company and not the threat actor ultimately responsible for the attack, Sikorski said.

"Had I known the harassment was this bad, I would have paid that money because we're losing customers because of it," Sikorski recalled the CIO telling Unit 42.

This changes the dynamics of ransomware negotiations as well, as victim organizations consider the potential risk endured if threat actors sell or leak customer data, and harass or extort the customers directly.

U.S. organizations were the most severely affected by ransomware attacks, accounting for more than 2 in 5 of the observed leaks, and 30 businesses on the Forbes Global 2000 were publicly impacted by extortion attempts last year, the report found.

2023 Prediction

The firm predicts this will be the year a large cloud ransomware compromise occurs. It also expects a rise in extortion related to insider threats and predicts threat actors will use ransomware and extortion to distract from attacks intended to infect the supply chain or source code. cybersecuritydive.com


Ransomware groups shift tactics and objectives
Ransomware attacks are shifting from malware-centric threats to more nuanced and sophisticated tactics.

The more savvy and technically adept groups behind these attacks are trying to extract as much ransom as possible by using data extortion and leak sites to increase the pressure on organizations.

"Ransomware is getting detonated to get your attention so that you will then go pay so you can get your data back,"

"They are trying to get money more so than they are trying to create devastation and destruction at this point," he said.

This includes a turn away from rapidly spreading malware across networks and instead exploiting vulnerabilities and zero days. The prevailing goal of ransomware groups today is to gain a foothold in a network so it can get an organization's attention and perhaps exfiltrate data, Renals said. cybersecuritydive.com


Reducing Fines By Following CISA Goals
CISA Releases Updated Cybersecurity Performance Goals
Today, we published stakeholder-based updates to the Cybersecurity Performance Goals (CPGs). Originally released last October, the CPGs are voluntary practices that businesses and critical infrastructure owners can take to protect themselves against cyber threats. The CPGs have been reorganized, reordered and renumbered to align closely with NIST CSF functions (Identify, Protect, Detect, Respond, and Recover) to help organizations more easily use the CPGs to prioritize investments as part of a broader cybersecurity program built around the CSF.

CISA urges stakeholders to review and learn more by visiting Cross-Sector Cybersecurity Performance Goals. cisa.org


Cybersecurity Skills Shortage, Recession Fears Drive 'Upskilling' Training Trend
For companies, training an existing worker is cheaper than hiring, while for employees, training brings job security and more interesting work.

Zero-Day Bug Allows Crypto Hackers to Drain $1.6M From Bitcoin ATMs

Memphis, TN: Lowe's employee steals $20K in items, sells them for $2K
A Lowe's employee admitted to stealing merchandise from the store and selling it to pocket the money. According to court records, on February 26, patrol deputies responded to an embezzlement complaint at Lowe's in Southeast Memphis. The Asset Protection Manager told them that an employee, Jacory Harris, approved transactions on missing merchandise. The items were worth over $20,000. After the manager conducted an internal investigation through store footage and transaction history, he called Harris into his office to confront him. The suspect admitted to the manager he took merchandise dating back to February 6 and sold it for $2,300, records say. The manager told officers that Harris had left his office and did not return. The manager then called the police. Police records say the total loss to the Lowe's store is $20,554.25.  wreg.com


Toledo, OH: Thief steals 6 flatscreen TVs from the same Best Buy over several weeks
A man in Ohio was allegedly able to walk out of a Best Buy while stealing a total of six TVs over the course of four weeks. The Toledo store's surveillance video has captured the suspect multiple times carrying a box with a flatscreen inside out to his vehicle. The security footage obtained by WTVG shows the man enter and leave the store several times from Feb. 14, 2023 to March 15, 2023. Each time, employees said he picks up a TV in a box, brings it to the front, and carries it out on his head. The suspect is typically seen wearing a sweatshirt with the hood up along with a white N95 mask that hides most of his face. One still image from a security video shows a man without a mask stealing a TV in the same way. Managers at the store said this man may or may not be the same suspect in all of the other cases.  wistv.com


Los Angeles, CA: LAPD looking for three women involved in retail theft ring
Detectives with the Los Angeles Police Department are asking for the public's help in identifying three women involved in an organized theft ring targeting retail stores in the LA area. According to officials, the suspects would enter stores with empty purses or shopping bags, take high-end makeup, eye care, and medication then leave the store without paying. According to the police department, the suspects are responsible for over $13,000 in property losses. In one video, the women were seen leaving a shoe store with bags filled while a man approached them and said "registers that way."  foxla.com


Rochester, MN: Police seeking suspect in Mac Book theft at Best Buy
Rochester police searched several businesses near Highway 52 and Frontage Road Monday evening, but did not locate a robbery suspect. According to RPD public information officer Amanda Grayson, Rochester police responded to a theft report at Best Buy (4050 Frontage Road) at 4:10 p.m. March 20. According to witnesses, a man in dark clothing ran out of the store "with his arms full of merchandise, including two MacBook Pros." A witness told police the man got into a black vehicle on East Frontage Road, and drove away. Officers searched the area and nearby businesses, but did not locate the suspect, Grayson said.  kaaltv.com


Memphis, TN: City Gear vandalized, $5k+ in merchandise stolen

Stevenson Ranch, TX: Four Juveniles At Large After Stealing Cell Phones From AT&T Store

East Cobb, GA: $1K of merchandise swiped from East Cobb Bath and Body Works

Wichita Falls, Woman with Duffle Bag filled with $800 of stolen items wrestles with Police inside Walmart

Warminster, PA: Police seek suspect in Fire Door Exit / Cart Load theft from Walmart